535 Open source projects that are alternatives of or similar to pentesting-notes

🆕 The Multi-Tool Web Vulnerability Scanner.

Opening the door, one reverse shell at a time

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.

Get GTFOBins info about a given exploit from the command line

备考 OSCP 的各种干货资料/渗透测试干货资料

A collection of resources I'm using while working toward the OSCP

Free Security and Hacking eBooks

Next generation web scanner

Everything needed for doing CTFs

This cheasheet is aimed at the CTF Players and Beginners to help them sort Vulnhub Labs. This list contains all the writeups available on hackingarticles.

Gives you one-liners that aids in penetration testing operations, privilege escalation and more

Kali Intelligence Suite (KIS) shall aid in the fast, autonomous, central, and comprehensive collection of intelligence by executing standard penetration testing tools. The collected data is internally stored in a structured manner to allow the fast identification and visualisation of the collected information.

Windows Privilege Escalation Techniques and Scripts

Quiver is the tool to manage all of your tools for bug bounty hunting and penetration testing.

This script will you help to find the information about the website and to help in penetrating testing

A Docker container for remote penetration testing.

Tool Information Gathering Write By Python.

Kali Live Build Scripts

A curated list of awesome OSCP resources

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Collection of tips, tools and tutorials around infosec

my oscp prep collection

Password wordlist generator using song lyrics for targeted bruteforce audits / attacks. Useful for penetration testing or security research.

A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.

Don't let buffer overflows overflow your mind

GitBook: OSCP RoadMap

Framework RapidPayload - Metasploit Payload Generator | Crypter FUD AntiVirus Evasion

JustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)

Penetration Testing notes, resources and scripts

HRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

File Inclusion & Directory Traversal fuzzing, enumeration & exploitation tool.

Captive wifi hotspot bypass tool for Linux

Chimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

Offensive Reverse Shell (Cheat Sheet)

Top 100 Hacking & Security E-Books (Free Download)

AV-evading Pythonic Reverse Shell with Dynamic Adaption Capabilities

🙃 Reverse Shell Cheat Sheet 🙃

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

network reconnaissance toolkit

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

The LAZY script will make your life easier, and of course faster.

A place where I can create, collect and share tooling, resources and knowledge about information security.

Armor is a simple Bash script designed to create encrypted macOS payloads capable of evading antivirus scanners.

Web Penetration Testing with Kali Linux - Third Edition, published by Packt

Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations

Dark-Phish is a complete phishing tool. For more about Dark-Phish tool please visit the website.

recon-ng modules for Censys

PENIOT: Penetration Testing Tool for IoT

This is a complete project series on implementing hacking tools available in Kali Linux into python.

General stuff for pentesting - password cracking, phishing, automation, Kali, etc.

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Docker - Ubuntu with a bunch of PenTesting tools and wordlists

Vulnerable software and exploits used for OSCP/OSCE preparation

graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

Boxer: A fast directory bruteforce tool written in Python with concurrency.

WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.

Jasmin Ransomware is an advanced red team tool (WannaCry Clone) used for simulating real ransomware attacks. Jasmin helps security researchers to overcome the risk of external attacks.

Message from Anonymous :)